Nowadays in any website on the Internet uses a hashing algorithm to store the password the password. As it is not stored in the database. These websites uses a hashing algorithms to encrypt and manage the passwords.

How this technique works how we can safeguard our passwords in this article I will be going to discuss on these topics so stay tuned for the article till the end. 

There are manytypes of hashing algorithms like Md5, Sha1, Sha2, Tiger etc. As an example say Amazon while registering in it it asks you to fill the information like name, mobile number and email and a password the moment you click on the continue this data is sent to the back end in the database. In the database your information like name, mobile number, email etc is stored as it is. But what about the password? Well these passwords are never stored in the plain text manner.

Here the password is given add an input to the hashing algorithm and the output is an encrypted in form of the password and this encrypted password is stored in the database. Now consider a situation in which hackers hacked the database though he has all the values like name, email etc. he will not able to login into any account because the password here is encrypted if the hackers tried to login using this encrypted password he will not get an access he will only need to enter the plain password.

The only possible way is to decrypt the hashed password and get back the plain password but this is highly impossible. Because the hashing algorithms are a one-way function so what now this is the time where the strength of the passwords come into picture if we use a simple password like test that's 123 that the hacker will easily able to know the plain form of your password from the hack password using something called Rainbow Tables.

This table contains a password hashes of plenty of common passwords along with the plain text format there the site called crackstation.net, where the hacker will compare the Hat form to get the plain password and if the password hash exists in the rainbow table that means the password is successfully cracked.

But, what if the password is not found in the rainbow table? In that case the rainbow tables are no use so now comes Brute Force and Dictionary Attacks.

In a Brute-force Attack each and every letters numbers symbols and converted into the hash forms and then compared with the password hash which is to be cracked in simple words we take every possible combination of passwords convert them into the hash and check whether it get matches or not. 

This matter literally take so very much time to crack the password provided your password should be strong as simple passwords can be cracked easily by this method now in the dictionary attack the hacker had a text file contains lots of passwords in this attack the hacker writes a code which compares password hash to be crap with the password hash of each and every spring which is exist in the text file called Wordlist and if any hash is matched then that means the password cracking is successfully.

Nowadays a new technique called starting to make a hacker very difficult to crack the passwords in this technique a specific combination of characters are inserted at a specific position of the plain text password before the hash takesplace every company has its own salting algorithm which is a secret. For example let's say Instagram's salting algorithm is to insert a string q*m& sign at the fourth character and at the end of the plain password. 

The password after salting is hashed and stored in the database which eventually make the password more stronger but now the hash string of a password before salting does not matches the hash string of the password after salting therefore the techniques which we have discussed earlier fails here to crack the password unless and until the hacker comes to know the solving algorithm which is kind of impossible. Hope, this article was informative to you.